Table Of Contents
CiscoWorks Management Center for Cisco Security Agents v4.0
Cisco Systems® offers its customers one of the most comprehensive network security threat protection portfolios for securing large corporate networks. The next generation of Cisco® security agent technology provides robust security software for server and desktop computing systems, also known as "endpoints." The CiscoWorks Management Center for Cisco Security Agents supports deployments to thousands of endpoints for enhanced scalability.
The CiscoWorks Management Center for Cisco Security Agents is a component of the CiscoWorks VPN/Security Management Solution (VMS). CiscoWorks VMS is an integral part of the SAFE Blueprint from Cisco and combines Web-based tools for configuring, monitoring, and troubleshooting the following:
•Virtual private networks (VPNs)
•Network intrusion detection systems (IDSs)
CiscoWorks VMS addresses the needs of both small- and large-scale VPN and security deployments, and enables organizations to protect productivity gains and reduce operating costs.
The Cisco Security Agent Solution
The Cisco Security Agent technology consists of the CiscoWorks Management Center console resident on a Microsoft Windows 2000 server and host-based agents that are deployed on mission-critical desktops and servers. The agents use the HTTP and Secure Sockets Layer (SSL) protocols (128-bit SSL) for the management interface, and for the communications between agents and the management console.
Cisco Security Agent
For further information about the agents, see the datasheet at:
CiscoWorks Management Center for Cisco Security Agents
The CiscoWorks Management Center for Cisco Security Agents provides all management functions for all agents from a centralized point. Its role-based Web browser "manage from anywhere" access makes it easy for administrators to create agent software-distribution packages, create or modify security policies, monitor alerts, or generate reports. Because it ships with more than 20 fully configured default policies, administrators will find it easy to deploy thousands of agents across the enterprise. The CiscoWorks Management Center also allows customers to deploy agents in "IDS mode," where activity is alerted but not blocked.
The CiscoWorks Management Center offers simple but powerful customization capabilities such as a tuning wizard, allowing administrators to quickly fit default policies to their environments. Administrators can easily modify rules or create new rules to meet custom needs and requirements. To aid audit compliance requirements, an "Explain Rules" feature will print a human-language description of the tasks performed by specified rules or policies.
Agents are deployed to servers and desktops and controlled and updated directly from the CiscoWorks Management Center. Each agent operates autonomously. If communications with the CiscoWorks Management Center is not possible (for example, if a remote laptop user has not yet connected through the VPN), the agent continues to enforce the security policy. All security alerts are cached by the agent and uploaded to the CiscoWorks Management Center when communications are restored.
Note that the CiscoWorks Management Center can forward events from agents to the CiscoWorks Monitoring Center for Security v1.2 console. From this console, the user can see a unified view of events from network IDS sensors, Cisco security agents, firewalls, and routers. The CiscoWorks Monitoring Center also offers additional event correlation and reporting.
The CiscoWorks Monitoring Center for Security and the Management Center for Cisco Security Agents are both components of the CiscoWorks VMS 2.2. The VMS package also includes licenses for three server agents to protect CiscoWorks VMS components.
The CiscoWorks Management Center for Cisco Security Agents is supported on Windows 2000 Server and Advanced Server (Service Pack 3).
For comprehensive hardware and operating requirements, see the CiscoWorks VMS overview at:
The CiscoWorks Management Center is required to run the agents and is a featured component of the CiscoWorks VMS solutions bundle. For ordering details, go to the CiscoWorks VMS product bulletin at:
For More Information
For more information, go to http://www.cisco.com/go/vms or send e-mail to firstname.lastname@example.org.